论文信息 - Using SPIN to Verify Security Properties of Cryptographic Protocols

Using SPIN to Verify Security Properties of Cryptographic Protocols

This paper explores the use of Spin for the verification of cryptographic protocol security properties. A general method is proposed to build a Promela model of the protocol and of the intruder capabilities. The method is illustrated showing the modeling of a classical case study, i.e. the Needham-Schroeder Public Key Authentication Protocol. Using the model so built, Spin can find a known attack on the protocol, and it correctly validates the fixed version of the protocol.

Riccardo Sisto | Paolo Maggi | R. Sisto | P. Maggi

[1] Giovanni Maria Sacco,et al. Timestamps in key distribution protocols , 1981, CACM.

[2] Gavin Lowe. Casper: a compiler for the analysis of security protocols , 1998 .

[3] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[4] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5] John C. Mitchell,et al. Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6] Somesh Jha,et al. Verifying security protocols with Brutus , 2000, TSEM.

[7] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.

[8] John Ulrich,et al. Automated Analysis of Cryptographic Protocols Using Mur ' , 1997 .

[9] Gavin Lowe,et al. Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[10] Gavin Lowe,et al. Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[11] Adriano Valenzano,et al. A State-Exploration Technique for Spi-Calculus Testing Equivalence Verification , 2000, FORTE.